Medical Devices: Treat Them Like Untrusted End-User Devices

Protecting end-user devices is an essential part of any information security strategy. But many healthcare organizations have literally thousands of connected medical devices - from infusion pumps to heart monitors - used in patient treatment that can be vulnerable, opening the door to a broader cyberattack. Meanwhile, the internet of things, including consumer wearables and other devices, is adding to the challenges of keeping data secure and patients safe.

Dr. Suzanne Schwartz of the Food and Drug Administration kicks off this panel with an overview of the current state of medical device security within the healthcare industry, highlighting some of the unique challenges hospitals face when it comes to security surrounding IoT. From there, the panel discusses why treating medical devices like untrusted end-users is becoming increasingly critical for hospitals of all sizes and shares additional insights about how organizations from all industries should be addressing IoT security risks, from third-party risk, legal and federal regulatory perspectives.

Subscription Preferences:

Medical Devices: Treat Them Like Untrusted End-User Devices

Request to Republish Content

Medical Devices: Treat Them Like Untrusted End-User Devices

Email this Content

Medical Devices: Treat Them Like Untrusted End-User Devices

Jennings Aske

CISO, New York-Presbyterian

Aske is the CISO for New York-Presbyterian. Prior to this he was VP Information Security & Chief Security Officer of Nuance Communications as well as Chief Information Security and Privacy Officer of Partners HealthCare. Prior to Partners, Aske was the Chief Information Security Officer for UMass Memorial Hospital. Aske was also the Chief Information Security Officer for the Commonwealth of Massachusetts's Executive Office of Health and Human Services, responsible for coordinating information security across the 16 state agencies. Aske is a licensed attorney in the Commonwealth of Massachusetts.

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site, and played a lead role in the launch of InformationWeek's healthcare IT media site.

Dave Nathans

Product Security, Siemens Healthcare

David Nathans currently serves as a Product Security Manager for Siemens Healthcare, where he specializes in building cybersecurity programs and Security Operation Centers. Having previously held prominent positions in the defense, retail, managed security and healthcare industries, Nathans has a wealth of cybersecurity knowledge which he shares to help protect companies from this growing threat. His experiences and lessons learned also stem from his time building security programs at one of the largest breached retail companies in history as well as working all over the world as a cyber-operations officer for the U.S. Air Force. He has written and continues to write books and articles for cybersecurity magazines.

Dale Nordenberg, MD

Dale Nordenberg, M.D. is an executive director of the Medical Device Innovation, Safety and Security Consortium. Nordenberg, a pediatrician, is also CEO of the consulting firm Novasano Health and Science and former CIO of the Centers for Disease Control and Prevention. He also co-chairs the Medical Device Security Information Sharing Council for the National Health Information Sharing and Analysis Center.

Suzanne Schwartz, MD

Having served many roles within the FDA, Dr. Suzanne Schwartz currently serves as CDRH Associate Director for Science and Strategic Partnerships. In this capacity, she is charged with assisting the CDRH Director and Deputy Center Director for Science in the development, execution and evaluation of the Center's biomedical science and engineering programs; overseeing CDRH's activities related to the Medical Device Innovation Consortium; supervising the Director, External Expertise and Partnerships Staff; the Center's Chief Pediatric Medical Officer; and the Director, Emergency Operations /Preparedness and Medical Countermeasures (EMCM).

Steven Teppler

Attorney; Bitcoin/Blockchain Expert, Mandelbaum Salsburg P.C.

Teppler has practiced law since 1981 and now leads the firm's electronic discovery and technology based litigation practice. His practice focus is on electronic discovery, including production, preservation, and spoliation matters, and he advises clients about risk, liability, and compliance issues unique to information governance. His experience includes litigation matters, both against and on behalf of Fortune 500 companies, as well as probate and family law disputes where electronic discovery is critically implicated. Nationally, Teppler is the Co-Chair of the American Bar Association's IoT Committee, a member of the Seventh Circuit Court of Appeals Electronic Discovery Pilot Program, a founder and co-chair of the American Bar Association's IoT National Institute as well as the American Bar Association's National Institute on Electronic Discovery and Information Governance, and a contributing author of the ANSI X9F4 trusted timestamp guideline standards for the financial industry. Steven holds six patents in the field of content authentication and is the founder and CEO of a content authentication provider.

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.